Docs

Workspace governance

Company members, roles, groups, reviews and skill access control.

Each customer uses one company Workspace. Codenskills provisions it and invites the first Owner; authentication by itself never creates a personal or free Workspace. Skills, Drafts, sources, collections and approved releases stored in Codenskills belong to that company Workspace.

Members and roles

Owners and admins invite named members by email. Each member has a normal role:

RoleWhat it adds
MemberUses granted skills, manages their own Drafts and handles reviews assigned to them.
AdminManages members, groups, reviews, access, activity and Workspace content.
OwnerEverything above, plus ownership-level Workspace and commercial controls.

Invitations are accepted when the invitee signs in with the invited, verified email. Licensed capacity and invitation expiry are controlled by the applicable company agreement. See Access & commercial terms.

Groups and access

Groups organize members for access control. Owners and admins can grant a skill to an individual user, a group or the whole Workspace. Discovery and access are separate: a skill can be requestable without already being installable.

Company SSO can map identity-provider groups into Codenskills. Those groups are managed externally and refreshed at sign-in; see Enterprise SSO.

Reviewer assignments

Owners and admins assign reviewers to the whole Workspace, a collection or a single skill. Reviewer scope allows decisions on matching submissions but does not grant administration or content-management rights.

Every member can author and submit their own Drafts. Owners and admins manage other members' content, sources, manual collections and destructive actions.

Security criteria and release

Owners and admins can add Workspace-specific scan requirements from Settings → Security. Rules can add a watch finding or block review, but they can never weaken the built-in result. Every save creates an immutable policy revision.

A Ready release requires the trusted scan of the exact package plus an authorized human approval. Connected clients receive only the Ready version allowed by the user's effective grants, apart from the explicit author-only Unreviewed Draft test path.

Activity

Owners and admins can inspect and export the Workspace activity history for skills, reviews, access, credentials and member administration. Members do not receive organization-wide audit or commercial visibility simply because they can use a skill.